Files
neuron-tai/.scratch/alpha-hardening/issues/03-c5-starting-credit-zero.md
D.Popov 68e057209c Add alpha-hardening ADRs and issue plan from pre-release audit.
Lock alpha scope, tracker auth, TOPLOC fraud verification, and deferred multi-tracker money-path work; supersede legacy fraud issues with ADR-0018.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-04 23:12:09 +03:00

1.6 KiB
Raw Blame History

Status: ready-for-agent

03 — C5 + M1: Starting credit 0, funded-account gate, spend cap

What to build

Close the free-credit faucet. New API keys start at 0 USDT; inference requires a real deposit or admin credit. Add a configurable per-request spend cap (M1) to limit runaway charges on compromised keys.

Code refs:

  • packages/tracker/meshnet_tracker/billing.pyDEFAULT_STARTING_CREDIT = 1.0 (~22), ensure_client (~7385), has_funds (~8788), duplicate credit on charge (~130138)
  • packages/tracker/meshnet_tracker/server.py — billing gate before routing (~16671690)

Per ADR-0017 §2 and ADR-0016 §3.

Test-first

  1. Red: new API key gets 1.0 USDT implicit credit — test expects 0 balance until deposit.
  2. Red: first inference without deposit returns 402.
  3. Green: DEFAULT_STARTING_CREDIT = 0.0; optional --max-charge-per-request config.

Acceptance criteria

  • DEFAULT_STARTING_CREDIT is 0.0; no automatic caller credit on first touch
  • has_funds false for fresh keys; 402 before routing (server.py ~1684)
  • Admin credit_client or bound-wallet deposit still funds accounts
  • Configurable max charge per request (M1) rejects oversize completions with clear error
  • Tests: fresh key blocked; after credit/deposit, inference proceeds

Blocked by

  • 02-a2-unified-auth-boundary.md (admin credit path secured)